Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/D3cieqzvMC2PKTA9TYePjqQn8Q2dKxfX8RghKKopqMFP/0/323830343a363235633a3a2f33322d3332203d3e20323639323932.roa
File:                     323830343a363235633a3a2f33322d3332203d3e20323639323932.roa (raw, json)
Hash identifier:          Qf1AKQUVJEo0TWetYl/0R8LDuxxKKivHBRp1bsiN+Dg=
Subject key identifier:   21:F5:54:64:0D:8D:54:20:F5:67:CA:D1:6D:4B:82:3F:F3:42:32:8E
Certificate issuer:       /CN=891876379661096633CCF1E14D82D1BBB9CBF133
Certificate serial:       52CFF1A2D84CDC89B5913E3D8EDEBDA5AA603DD6
Authority key identifier: 89:18:76:37:96:61:09:66:33:CC:F1:E1:4D:82:D1:BB:B9:CB:F1:33
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/891876379661096633CCF1E14D82D1BBB9CBF133.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/D3cieqzvMC2PKTA9TYePjqQn8Q2dKxfX8RghKKopqMFP/0/323830343a363235633a3a2f33322d3332203d3e20323639323932.roa
Signing time:             Tue 16 Sep 2025 17:07:07 +0000
ROA not before:           Tue 16 Sep 2025 17:02:07 +0000
ROA not after:            Tue 15 Sep 2026 17:07:07 +0000
asID:                     269292
IP address blocks:        2804:625c::/32 maxlen: 32
Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/D3cieqzvMC2PKTA9TYePjqQn8Q2dKxfX8RghKKopqMFP/0/891876379661096633CCF1E14D82D1BBB9CBF133.crl
                          rsync://rpki-repo.registro.br/repo/D3cieqzvMC2PKTA9TYePjqQn8Q2dKxfX8RghKKopqMFP/0/891876379661096633CCF1E14D82D1BBB9CBF133.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/891876379661096633CCF1E14D82D1BBB9CBF133.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Tue 21 Oct 2025 22:14:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            52:cf:f1:a2:d8:4c:dc:89:b5:91:3e:3d:8e:de:bd:a5:aa:60:3d:d6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=891876379661096633CCF1E14D82D1BBB9CBF133
        Validity
            Not Before: Sep 16 17:02:07 2025 GMT
            Not After : Sep 15 17:07:07 2026 GMT
        Subject: CN=21F554640D8D5420F567CAD16D4B823FF342328E
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:8a:b7:0e:06:c6:c4:7c:85:05:46:fc:1e:34:
                    d8:20:48:c2:b6:a2:fb:fe:09:7d:87:98:62:6b:37:
                    ce:14:84:42:74:8a:44:8e:b0:2f:fa:b3:79:d1:89:
                    90:61:aa:74:09:70:c4:cc:9a:8d:41:7f:e7:f4:7f:
                    48:78:d6:59:f3:c1:5f:68:f5:48:a5:75:c0:ec:44:
                    b9:95:6d:20:e6:7b:c6:c6:9d:08:04:0c:5f:a0:bd:
                    02:cc:19:37:36:55:e6:21:74:b2:a4:e6:2a:d2:8a:
                    45:38:a4:8e:4b:a7:8d:fc:8f:8b:62:cf:2f:ac:95:
                    d7:1c:bb:00:72:58:e7:13:f4:e9:b2:d3:61:d3:54:
                    75:df:93:e6:04:92:56:f9:ef:0c:96:a2:a8:66:29:
                    ae:19:af:b4:ce:aa:66:39:8c:78:4f:8d:b3:d5:8c:
                    37:f3:ab:d5:3d:32:1c:4f:d8:17:2c:7a:69:58:3e:
                    a8:5b:2e:c3:59:88:41:ec:d6:95:2d:ca:54:11:d8:
                    67:f0:d9:37:83:c4:5f:de:e7:ed:b3:3e:7b:73:b7:
                    dc:70:2b:64:20:25:98:7a:6f:65:57:bf:52:76:cc:
                    bf:ea:90:09:c2:19:e9:d2:d3:da:03:c0:3a:62:16:
                    98:31:ba:14:8a:88:70:9d:fd:61:aa:97:c6:bc:8f:
                    c3:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                21:F5:54:64:0D:8D:54:20:F5:67:CA:D1:6D:4B:82:3F:F3:42:32:8E
            X509v3 Authority Key Identifier:
                keyid:89:18:76:37:96:61:09:66:33:CC:F1:E1:4D:82:D1:BB:B9:CB:F1:33

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/D3cieqzvMC2PKTA9TYePjqQn8Q2dKxfX8RghKKopqMFP/0/891876379661096633CCF1E14D82D1BBB9CBF133.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/891876379661096633CCF1E14D82D1BBB9CBF133.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/D3cieqzvMC2PKTA9TYePjqQn8Q2dKxfX8RghKKopqMFP/0/323830343a363235633a3a2f33322d3332203d3e20323639323932.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2804:625c::/32

    Signature Algorithm: sha256WithRSAEncryption
         59:55:85:cf:23:18:03:ed:ab:53:09:e3:2b:c6:5c:1e:ba:7f:
         63:5e:c0:d8:9f:90:df:0d:cc:c9:35:73:35:65:7d:67:cf:20:
         33:b1:98:d7:dc:1f:ae:3a:0f:47:bb:84:6f:c4:fa:76:98:e2:
         aa:0f:ac:0b:50:d2:06:ea:da:76:1e:b6:48:47:5e:20:5b:37:
         27:40:cb:36:1f:1d:4f:21:fa:35:f4:c4:82:3b:37:51:4f:6e:
         1f:46:83:60:fa:67:de:77:cf:f7:d4:3a:28:ce:19:2d:93:91:
         11:03:59:52:fe:88:90:7f:67:6f:92:ef:2f:32:b4:ef:aa:01:
         8c:95:cb:a8:41:6a:98:1e:21:16:43:30:ef:b0:2c:2d:1a:9a:
         9a:fd:68:2e:22:72:e3:98:0f:e5:05:00:94:5d:dd:59:0e:e7:
         c0:73:86:d6:b0:49:91:78:af:0a:c0:b4:83:f4:35:fb:1c:c0:
         6c:af:23:50:43:b2:99:b7:4f:3e:93:a5:6f:54:20:f9:ce:20:
         e3:c5:6a:99:6f:36:13:71:f0:6f:10:8e:d6:94:fd:87:a6:f3:
         94:40:b1:ae:fe:21:8c:79:16:e5:37:a8:f2:0b:d7:f0:7d:84:
         e8:db:8c:19:a4:96:60:f0:d1:93:f3:9b:24:bc:96:f4:88:aa:
         63:c9:f3:52
-----BEGIN CERTIFICATE-----
MIIFRjCCBC6gAwIBAgIUUs/xothM3Im1kT49jt69papgPdYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODkxODc2Mzc5NjYxMDk2NjMzQ0NGMUUxNEQ4MkQxQkJC
OUNCRjEzMzAeFw0yNTA5MTYxNzAyMDdaFw0yNjA5MTUxNzA3MDdaMDMxMTAvBgNV
BAMTKDIxRjU1NDY0MEQ4RDU0MjBGNTY3Q0FEMTZENEI4MjNGRjM0MjMyOEUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCWircOBsbEfIUFRvweNNggSMK2
ovv+CX2HmGJrN84UhEJ0ikSOsC/6s3nRiZBhqnQJcMTMmo1Bf+f0f0h41lnzwV9o
9UildcDsRLmVbSDme8bGnQgEDF+gvQLMGTc2VeYhdLKk5irSikU4pI5Lp438j4ti
zy+sldccuwByWOcT9Omy02HTVHXfk+YEklb57wyWoqhmKa4Zr7TOqmY5jHhPjbPV
jDfzq9U9MhxP2BcsemlYPqhbLsNZiEHs1pUtylQR2Gfw2TeDxF/e5+2zPntzt9xw
K2QgJZh6b2VXv1J2zL/qkAnCGenS09oDwDpiFpgxuhSKiHCd/WGql8a8j8PHAgMB
AAGjggJQMIICTDAdBgNVHQ4EFgQUIfVUZA2NVCD1Z8rRbUuCP/NCMo4wHwYDVR0j
BBgwFoAUiRh2N5ZhCWYzzPHhTYLRu7nL8TMwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vRDNjaWVxenZNQzJQS1RBOVRZZVBqcVFuOFEyZEt4Zlg4UmdoS0tvcHFN
RlAvMC84OTE4NzYzNzk2NjEwOTY2MzNDQ0YxRTE0RDgyRDFCQkI5Q0JGMTMzLmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xLzg5MTg3NjM3OTY2MTA5NjYz
M0NDRjFFMTREODJEMUJCQjlDQkYxMzMuY2VyMIGsBggrBgEFBQcBCwSBnzCBnDCB
mQYIKwYBBQUHMAuGgYxyc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
L0QzY2llcXp2TUMyUEtUQTlUWWVQanFRbjhRMmRLeGZYOFJnaEtLb3BxTUZQLzAv
MzIzODMwMzQzYTM2MzIzNTYzM2EzYTJmMzMzMjJkMzMzMjIwM2QzZTIwMzIzNjM5
MzIzOTMyLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEH
AQH/BBEwDzANBAIAAjAHAwUAKARiXDANBgkqhkiG9w0BAQsFAAOCAQEAWVWFzyMY
A+2rUwnjK8ZcHrp/Y17A2J+Q3w3MyTVzNWV9Z88gM7GY19wfrjoPR7uEb8T6dpji
qg+sC1DSBuradh62SEdeIFs3J0DLNh8dTyH6NfTEgjs3UU9uH0aDYPpn3nfP99Q6
KM4ZLZOREQNZUv6IkH9nb5LvLzK076oBjJXLqEFqmB4hFkMw77AsLRqamv1oLiJy
45gP5QUAlF3dWQ7nwHOG1rBJkXivCsC0g/Q1+xzAbK8jUEOymbdPPpOlb1Qg+c4g
48VqmW82E3HwbxCO1pT9h6bzlECxrv4hjHkW5Teo8gvX8H2E6NuMGaSWYPDRk/Ob
JLyW9IiqY8nzUg==
-----END CERTIFICATE-----
Generated at Tue Oct 21 02:15:17 2025 by rpki-client